210 research outputs found
A Novel Technique for Cloud Computing Data Security and Public Auditing
In recent years, the rapid improvement of cloud storage services has made it easier than ever for cloud clients to share data with everyone. To ensure clients' trust in the dependability of their public data in the cloud, various strategies have been proposed for data integrity auditing, focusing on different practical aspects: secure data self-destruction, public integrity auditing and so forth. Since full-lifecycle protection is not achievable, access control becomes a challenging task, particularly when sensitive data is shared on cloud servers. To handle this issue, the proposed framework presents key-policy attribute-based encryption with time-specified attributes (KP-TSABE), a new secure data self-destructing scheme for cloud computing. In addition, a public integrity auditing scheme is presented for cloud data sharing services that checks the integrity of clients' sensitive data stored in the cloud. In the KP-TSABE scheme, each ciphertext is labeled with a time interval while the private key is associated with a time instant. The ciphertext can be decrypted only if both the time instant is in the allowed time interval and the attributes associated with the ciphertext satisfy the key's access structure. Also, Third Party Auditing (TPA) is introduced to help clients evaluate the risk of their subscribed cloud data services. The audit result from the TPA would also help cloud service providers improve their cloud-based service platform.
A comprehensive meta-analysis of cryptographic security mechanisms for cloud computing
The file attached to this record is the author's final peer reviewed version. The Publisher's final version can be found by following the DOI link. The concept of cloud computing offers measurable computational or information resources as a service over the Internet. The major motivation behind the cloud setup is economic benefits, because it assures the reduction in expenditure for operational and infrastructural purposes. To transform it into a reality there are some impediments and hurdles which are required to be tackled, most profound of which are security, privacy and reliability issues. As the user data is revealed to the cloud, it departs the protection-sphere of the data owner. However, this brings partly new security and privacy concerns. This work focuses on these issues related to various cloud services and deployment models by spotlighting their major challenges. While classical cryptography is an ancient discipline, modern cryptography, which has been mostly developed in the last few decades, is the subject of study which needs to be implemented so as to ensure strong security and privacy mechanisms in today's real-world scenarios. The technological solutions and the short- and long-term research goals of cloud security will be described and addressed using various classical cryptographic mechanisms as well as modern ones. This work explores the new directions in cloud computing security, while highlighting the correct selection of these fundamental technologies from a cryptographic point of view.
Emerge: Self-Emerging Data Release Using Cloud Data Storage
In the age of Big Data, advances in distributed technologies and cloud storage services provide highly efficient and cost-effective solutions to large-scale data storage and management. Supporting self-emerging data using clouds is a challenging problem. While straightforward centralized approaches provide a basic solution to the problem, unfortunately they are limited to a single point of trust. Supporting attack-resilient timed release of encrypted data stored in clouds requires new mechanisms for self-emergence of data encryption keys that enable encrypted data to become accessible at a future point in time. Prior to the release time, the encryption key remains undiscovered and unavailable in a secure distributed system, making the private data unavailable. In this paper, we propose Emerge, a self-emerging timed data release protocol for securely hiding data encryption keys of private encrypted data in a large-scale Distributed Hash Table (DHT) network that makes the data available and accessible only at the defined release time. We develop a suite of erasure-coding-based routing path construction schemes for securely storing and routing encryption keys in DHT networks that prevent an adversary from inferring the encryption key prior to the release time (release-ahead attack) or from destroying the key altogether (drop attack). Through extensive experimental evaluation, we demonstrate that the proposed schemes are resilient to both release-ahead attack and drop attack as well as to attacks that arise due to traditional churn issues in DHT networks.
Privacy Enhancing Technologies for solving the privacy-personalization paradox : taxonomy and survey
Personal data are often collected and processed in a decentralized fashion, within different contexts. For instance, with the emergence of distributed applications, several providers are usually correlating their records, and providing personalized services to their clients. Collected data include geographical and indoor positions of users, their movement patterns as well as sensor-acquired data that may reveal users' physical conditions, habits and interests. Consequently, this may lead to undesired consequences such as unsolicited advertisement and even to discrimination and stalking. To mitigate privacy threats, several techniques emerged, referred to as Privacy Enhancing Technologies, PETs for short. On one hand, the increasing pressure on service providers to protect users' privacy resulted in PETs being adopted. On the other hand, service providers have built their business model on personalized services, e.g. targeted ads and news. The objective of the paper is then to identify which of the PETs have the potential to satisfy both usually divergent (economical and ethical) purposes. This paper identifies a taxonomy classifying eight categories of PETs into three groups, and for better clarity, it considers three categories of personalized services. After defining and presenting the main features of PETs with illustrative examples, the paper points out which PETs best fit each personalized service category. Then, it discusses some of the inter-disciplinary privacy challenges that may slow down the adoption of these techniques, namely: technical, social, legal and economic concerns. Finally, it provides recommendations and highlights several research directions.
Systematizing Decentralization and Privacy: Lessons from 15 Years of Research and Deployments
Decentralized systems are a subset of distributed systems where multiple authorities control different components and no authority is fully trusted by all. This implies that any component in a decentralized system is potentially adversarial. We revise fifteen years of research on decentralization and privacy, and provide an overview of key systems, as well as key insights for designers of future systems. We show that decentralized designs can enhance privacy, integrity, and availability but also require careful trade-offs in terms of system complexity, properties provided, and degree of decentralization. These trade-offs need to be understood and navigated by designers. We argue that a combination of insights from cryptography, distributed systems, and mechanism design, aligned with the development of adequate incentives, is necessary to build scalable and successful privacy-preserving decentralized systems.
Client-side encryption and key management: enforcing data confidentiality in the cloud.
Master of Science in Computer Science. University of KwaZulu-Natal, Durban 2016. Cloud computing brings flexible, scalable and cost-effective services. This is a computing paradigm whose services are driven by the concepts of virtualization and multi-tenancy. These concepts bring various attractive benefits to the cloud. Among the benefits are a reduction in capital costs, a pay-per-use model, enormous storage capacity, etc. However, there are overwhelming concerns over data confidentiality on the cloud. These concerns arise from various attacks that are directed towards compromising data confidentiality in virtual machines (VMs). The attacks may include inter-VM and VM sprawls. Moreover, weaknesses or lack of data encryption allow such attacks to thrive. Hence, this dissertation presents a novel client-side cryptosystem derived from evolutionary computing concepts. The proposed solution makes use of chaotic random noise to generate a fitness function. The fitness function is used to generate strong symmetric keys. The strength of the encryption key is derived from the chaotic and randomness properties of the input noise. Such properties increase the strength of the key without necessarily increasing its length. However, having the strongest key does not guarantee confidentiality if the key management system is flawed. For example, encryption has little value if key management processes are not vigorously enforced. Hence, one of the challenges of cloud-based encryption is key management. Therefore, this dissertation also makes an attempt to address the prevalent key management problem. It uses a counter propagation neural network (CPNN) to perform key provision and revocation. Neural networks are used to design ciphers. Using both supervised and unsupervised machine learning processes, the solution incorporates a CPNN to learn a crypto key. Using this technique there is no need for users to store or retain a key which could be compromised. Furthermore, in a multi-tenant and distributed environment such as the cloud, data can be shared among multiple cloud users or even systems. Based on Shamir's secret sharing algorithm, this research proposes a secret sharing scheme to ensure a seamless and convenient sharing environment. The proposed solution is implemented on a live OpenNebula cloud infrastructure to demonstrate and illustrate its practicability.